Vault Configuration for Database Assessment

Before you proceed with creating a database assessment profile, first create a secure database vault connection.

To know the prerequisites for using the Central credential Provider (CCP) and Credential Provider (CP), refer to Prerequisites for Windows Operating Systems.

To learn about managing the vault configuration profiles, refer to Permission Controls for Vault Configuration.

Create Vault Connection

Navigate to Configuration > Vault to create a new vault connection.

Click New Secure Vault Connection and enter the following information.

Name: Enter the unique name for your vault connection.

Vault Type: We are currently supporting only the CyberArk vault.

Secret Manager Type: Select the secret manager as a Credential Provider (CP) or Central Credential Provider (CCP).

If you want to fetch database credentials from a vault specific to a Cloud Agent host, select the CP as the Secret Manager Type. If you want to fetch database credentials from a common vault for your subscription, select the CCP.

Vault Credentials: To access the database credentials from the CyberArk vault, enter the vault application ID and URL.

Note: The Application ID and vault URL are generated while setting up the CyberArk vault.

Quick Actions Menu

To view the Quick Actions menu, select the existing vault connection and click the down arrow.

From the Quick Actions menu, you can view connection details, edit them, or delete a connection.

View Vault Connection Details

Click View Details in the Quick Actions menu to view connection details.

The vault connection details window displays the connection's vault type, secret manager type, and vault credentials.

Edit Vault Connection

Click Edit in the Quick Actions menu to edit the Vault Connection.

Note: You can not edit the Secret Manager Type for the subscription-level profile.

Delete Vault Connection

Click Delete in the Quick Actions menu to permanently delete the vault connection.